The aim of this proposal is to reimburse the cost of the process to make it possible to use Ledger hardware wallets to secure Hive accounts. All the work that is mentioned in this proposal has already been done and all the software is open-source. The entire process took almost 2 years and involved multiple parties paid up-front by me but it's done and Hive is now officially supported by Ledger.

Proposal subject

The proposal will reimburse the following items (each described in detail later):

• review of the previous app developed by another developer
• contributing to the old app to add the latest operations and trying to fix it to work with the new Ledger SDK
• development of the Ledger app from scratch to use the latest SDK and unify user experience for every Ledger model (Nano S/S+/X)
• development of automated tests to cover the source code (high coverage of unit tests, integration tests, etc)
• development of the Typescript library to enable communication with Ledger application
• development of the CLI tool for Ledger to make the initial Functional Review
• professional graphic designs for hiveledger.io
• development of a feature-full Hive Ledger Online Wallet (companion app)
• writing excessive documentation and supporting the Ledger team during the audit and approval process
• supporting other developers and users

Proposal amount: 90,000 HBD

The proposed amount will cover all the labor costs put into the development by me, hired developers, and the graphic designer along with all necessary equipment (hardware wallets that have been used for development, etc). It also covers recurring costs like domain name and hosting for the next few years.

As this is a reimbursement proposal, I'm asking for 3000 HBD daily during the 30 days period.

What will happen if the proposal doesn't get funded?

All the work mentioned in this proposal has been already done and Hive is already officially supported by Ledger. All the software created during the process is open-sourced and publicly available. The only thing that will happen is that I will be sad about doing 2 years of professional work for free ;)

Motivation

There were three major reasons why I decided to start working on this:

• I believe it's really important for the blockchain to have hardware wallets support to express that the project is mature enough to become considered serious and secure
• I wanted to use a hardware wallet to protect my Hive account and feel safe
• I was eager to show that Hive ecosystem is capable of developing high quality, well looking and feature-full software

I'm supporting Hive from the very beginning and have been around developing useful stuff since Steem's days. I believe we can start acting like professionals and I decided to show that we're capable of doing serious stuff. I wanted to make it possible to use hardware wallets to secure Hive accounts and create best wallet available. In order to achieve the goal, I went through all the steps involved in software development: research, UX design, UI design, development, testing, and more. I made the major part of the job by myself but also paid up-front for the work of a few external contractors from my pocket to make sure I will be able to finish it.

Benefits of hardware wallets support

Improved security

Hardware wallets are considered one of the best ways to manage your crypto assets. Using a hardware wallet increases overall security because you never expose your private keys to the outside world. Private keys are securely stored inside the hardware and never leave it. Even if you connect the device via USB, there is no way to leak your private keys. That's essential for your account security as we all know that leaks happen all the time, even to those who take special care to prevent them.

More exposure for the Hive ecosystem

It also opens Hive to a broader audience. From now on, it can be targeted to people that rely on hardware wallets to protect their assets. It often happens, that crypto projects without hardware wallets support are not taken seriously. It is not a case anymore for Hive and combining it with 20% APR for keeping our stable coin, makes a great opportunity to start onboarding more and more serious investors. Making Hive mainstream is our common goal and is a win-win for every one of us.

---

The process

The process to get official support from Ledger is long and complex. It requires the development of a hardware wallet application (low-level C language programming skills required), a companion app (online wallet that is easy to use for the end user), additional libraries to enable easy usage for other developers, excessive documentation for Ledger team and users, and even more.

Depending on the release type, different deliverables are required by Ledger. We were aiming for public release and official support:

Each deliverable is composed of multiple additional steps and requirements. For example, the Security deliverable requires:

• Manual Code Reviews
• Automated Static Code Analysis
• Automated Security Check with CodeQL
• Zero warnings during compilation
• Units tests must be present
• Functional tests must be present
• External Security audits must be performed
• App must have proper permissions and flags
• App must be restricted to Coin-Specific BIP32 prefix
• App must follow Good Practices for Transaction Handling

Additionally, the Ledger team performs a set of reviews of the application before they decide to publicly list the blockchain on their site:

What has been done

Most of my journey to bring the Ledger support is documented on the Hive blockchain as I was posting multiple articles to keep the community updated with the process.

Review of the old source code and the attempt to fix it

It all started at the beginning of the year 2021. It's not a secret that there was an attempt to develop a Hive ledger application in the past. There was a proposal that was paid up-front and the work has never been finished (btw, that's the reason I decided to create a reimbursement proposal after making sure we are officially supported by Ledger).

I started my journey by reading and reviewing the old source code. It was... far from what I expected from a quality code, especially the code that is responsible for making Hive accounts more secure.

I performed some manual tests and decided to fix bugs and even improve it by adding support for new operations that were introduced in Hardfork 25. I contributed to the project but my changes were never accepted and now the old repository got archived and is dead.

• Ledger App updated with HF25 operations
• fix: operations decoding

Meanwhile, I started reading the Ledger SDK documentation and getting familiar with the BOLOS system and Ledger requirements. I realized that it's impossible to get official support with the old code. It was bad, not covered with tests, outdated, and not capable of running on multiple models.

I decided to rewrite the app from scratch in a professional manner, making it ready to run with the newest SDK on all available models.

Writing hardware wallet application from scratch

That was the most challenging part of the entire process. As stated on ledger.com:

Developing applications for Ledger devices is an intricate process. The security of the user funds relies on the fact that the application works in a correct and secure manner and that potential attackers cannot misuse it to extract private data and/or sign requests which are not authorized by the user. The app should guard against such attacks because they have a very low entry point – a Ledger device attached to a compromised host might be a victim of the attacker’s program sending invalid/non-standard requests to the device.

Moreover, hardware wallets do have some specific limitations like slow CPU, limited RAM, small display, only two buttons to interact, etc. Additionally, Ledger hardware wallet applications are executed in a custom-made BOLOS operating system.

All of those required spending countless hours on learning, coding, and testing. But in the end, everything went well and the app passed all reviews (including the security audit) performed by Ledger.

High coverage of automated tests

I put a lot of effort into unit testing the app (which is not only required by Ledger company but also very useful in the matter of stability and security). I covered most of my files with unit tests written in ANSI C, using the cmocka framework. This will minimize potential problems, like buffer overflows/underflows, etc which are common on apps written in C.

Functional tests are equally important. I've created a test suite to automatically perform signing tests for all available operations and use cases, including the incorrect ones (to make sure your accounts are secure).

Typescript library to communicate with Ledger application

It was crucial to make it possible for me and other developers to easily communicate with the Hive application running on a hardware wallet. This library is being used by hiveledger.io, hive-ledger-cli, and will be utilized by @stoodkev shortly to add the support of Ledger wallets in the most popular Hive browser extension called Hive Keychain.

The library is written in TypeScript and open-sourced, covered with tests as well.

• @engrave/ledger-app-hive

CLI tool for Ledger team to make the initial Functional Review

This tool was used by the Ledger team to perform the initial Functional Review. It was not clear to the Ledger if the application is designed in a way that will be easy enough to be used by an average crypto user.

For this purpose, I've created a CLI application (Command Line Interface) that utilizes the previously created TypeScript library to perform basic operations on the Hive account, including the onboarding and deboarding from the Ledger device.

Thanks to this tool, Ledger was capable of performing a Functional Review and preliminarily accepted the application.

• Hive Ledger application has passed the functional review!

Design and development of new Hive Ledger Online Wallet (hiveledger.io)

I wanted to create a professional wallet for Hive. The wallet that could stand as an example of how good software we can do on Hive. Moreover, the flow to onboard Hive accounts with a hardware wallet is complex and it couldn't fit into any existing wallet easily. I wanted Hive Ledger to be easy for an average user.

I started my work with UX research and UI mockups to make sure we can cover all the common use cases for Hive users. I created multiple designs with multiple iterations and performed user tests on those to get some feedback.

Those mockups were used later on by hired graphic designer to create final designs. I believe we should care about the appearance of our software and I wanted Hive Ledger Wallet to be great. It required close cooperation between me and the designer to consider every aspect of Hive blockchain specifics. Final designs prepared by the graphic designer:

Hive Ledger Online Wallet was coded by a professional front-end developer. The source code is open source and unit-tested when possible. This makes it a great addition to the Hive ecosystem.

The final product is already being used by multiple users and it is the official wallet for Hive and Ledger integration, linked on ledger.com

I'm also currently working on further improvements to make it even better.

Documentation and support for Ledger Team

The excessive documentation was required by the Ledger team for both developers and end users. I wrote multiple articles that are now used as official support materials for Ledger users.

• How to use your ledger device with hive-ledger-cli
• How to use Hive Ledger Wallet
• Application Protocol Data Unit (APDU) documentation
• Hive application commands documentation

I also performed multiple discussions with the security team to explain Hive blockchain specifics and design decisions.

Other improvements

While Ledger Team was performing a Security Audit of the submitted source code, I continued working on further improvements and this is how Blind Signing was introduced.

More info about Blind Signing can be found here:

• New Hive Ledger application feature - hash signing (blind signing)

What next?

I'm going to continue my work on hiveledger.io making it even better. I'm going to cooperate with other developers, for example, @stoodkev to make it possible to use Ledger devices with Hive Keychain extension to make the experience flawless.

Vote for the proposal!

Use your favorite frontend to vote for #242 proposal:

PeakD: https://peakd.com/me/proposals/242
Ecency: https://ecency.com/proposals/242
Hive.blog: https://wallet.hive.blog/proposals

You can also use your Ledger device on hiveledger.io to vote for the proposal!